0

Hi Everyone, I am looking to protect a webpage in my website. What I would like to do is check if the webpage has been accessed from a pre determined url.

For example:
Mywebsite.com/webpage.php should only be accessed from predetermined.com/url?id=var

I have been doing some digging around and found the following.

$url = 'http://'. $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

But I am lost with how to check if the url and var is correct. What I am trying to do is stop users going directly to
Mywebsite.com/webpage.php and only allow users to access the webpage from predetermined.com/url?id=var

Hope that makes sence,
Cheers

Edited by Dani: Fixed formatting

2
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by diafol
1

headers can be spoofed so $_SERVER variables aren't foolproof. Using a hash in the url based on a session could prove helpful

predetermined.com/url?id=var&conf=hash

0

Hi, how would i check if the url is from predetermined.com/url?id=var&conf=hash

0

Oh drat. I misread the question - sorry. I assumed it was something else. Too many late nights! Do you own the predetermined site or have any access to the url that is created? i.e. could you change the querystring to suit your needs?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.